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1 Conventions Used in this Document 


The following typographic conventions and symbols are used throughout document: 
Additional information that may be helpful but which is not required. 

Important information that should be observed. 


bold Menu commands, buttons, input fields, links, and configuration keys are displayed in bold 


italic References to sections inside the document are displayed in italic. 


code File names, directory names, form names, system-generated output, and user 
typed entries are displayed in constant-width type 


Abbreviation List 


Abbreviation 

Description 

ACL 

Access Control List 

AES 

Advanced Encryption Standard 

AMSDU 

Aggregated Mac Service Data Unit 

AP 

Access Point 

CRC 

Cyclic Redundancy Check 

DHCP 

Dynamic Host Control Protocol 

EAP 

Extensible Authentication Protocol 

GHz 

Gigahertz 

GMT 

Greenwich Mean Time. 

GUI 

Graphical User Interface 

IEEE 

Institute of Electrical and Electronics Engineers 

ISP 

Internet Service Provider 

IP 

Internet Protocol 

LAN 

Local Area Network 

LED 

Light-Emitting Diode 

MAC 

Media Access Control 

Mbps 

Megabits per second 

MHz 

Megahertz 

MIMO 

Multiple Input, Multiple Output 

MSCHAPV2 

Microsoft version of the Challenge-handshake authentication protocol, CHAP. 

NAT 

Network address translation - translation of IP addresses (and ports) 

PC 

Personal Computer 

PDA 

Personal Digital Assistant 

PTP 

Point To Point 

PTMP 

Point To Multi Point 

PSK 

Pre-Shared Key 

QoS 

Quality of Service 
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REAP 

Protected Extensible Authentication Protocol 

RSSI 

Received Signal Strength Indication - received signal strength in mV, 
measured on BNC outdoor unit connector 

RX 

Receive 

SISO 

Simple Input, Simple Output 

SNMP 

Simple Network Management Protocol 

SMTP 

Simple Mail Transfer Protocol 

SSID 

Service Set Identifier 

TCP 

Transmission Control Protocol 

TKIP 

Temporal Key Integrity Protocol 

TTLS 

Tunneled Transport Layer Security (EAP-TTLS) protocol 

TX 

Transmission 

UDP 

User Datagram Protocol 

UAM 

Universal Access Method 

VLAN 

Virtual Local Area Network 

VoIP 

Voice over Internet Protocol 

WDS 

Wireless Distribution System 

WEP 

Wired Equivalent Privacy 

WISPr 

Wireless Internet Service Provider roaming 

WLAN 

Wireless Local Area Network 

WPA 

Wi-Fi Protected Access 

WPA2 

Wi-Fi Protected Access 2 
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2 Packing list 


1 piece power cable 
1 piece power adapter 
1 piece connector 
1 piece bent threaded rod 
1 piece bracket 
1 piece screw 
4 pieces nuts 
+ 

1 piece user manual CD 



1 piece GD-GEO20-TP 


GeoDesy 



wwv ge<x^®sy-feo com 
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GD-GEO20 offers reliable, great performance and cost-effective point-to-multipoint outdoor and indoor 
wireless solutions perfectly suited for access technology, private network and hotspots. Beside that 
ARC (Access Point/Customer Premises Equipment) can be used for a light point-to-point applications. 
ARC works in unlicensed 2.4 or 5 GHz frequency band, which is attractive solution for quick and simple 
network creation with minimum investment. These products support newest WLAN standards IEEE 
802.11n and are compatible with IEEE 802.1 la/b/g, also have options for SISO and MIMO 
functionality. The private protocol named iPoll offers effective point-to-multipoint deployment scenario. 


3.1 Deployment Scenarios 

3.1.1 HotSpot 

AP can easily create hotspofs zone network on 2.4 GHz and 5 GHz unlicensed band. IEEE 11n lets 
achieve (depending on laptop, smart-phone or PDA capabilities) great throughput and support all 
possible client equipment (based on IEEE 802.a/b/g). Hotspot zones can be created indoor or 
outdoor. 



HotSpot Scenario 


3.1.2 Point to Multipoint 

This is the IEEE 802.1 In wireless multipoint which delivers several times higher throughput than 
802.1 la/g. The APC supports a private wireless point to multipoint protocol called iPoll which allows 
connecting more than one iPoll Stations to the iPoll Access Point thus creating a robust point to multi 
point network. 



Point to Multipoint Scenario 


3.1.3 Light PTP 

GD-GEO20 supports access point and station operating modes, therefore point-to-point can be created 
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From AP and Station or from 2 Station’s or from 2 AP''s. For simplicity two Stations can be used 
Because they have integrated directional antennas. There are available options for SISO and MIMO 
PTPs. Maximum achievable real data throughput is up to 160 Mbps. 

Light Point to Point 



Light PTP Scenario 


4 Device Setup 

The default product address is 192.168.2.66. 
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To access the Web management interface, configure your PC with a static IP address on the 
192.168.2.0 subnet with mask 255.255.255.0. Connect the AP device in to the same physical network 
as your PC. Open the Web browser and type the default IP address of the AP device 
https://i92.i68.2.66/ and the login page will be loaded. Enter default administrator login 
settings: 


Login 

admin 

PassvA^rd 

**^****^ 


Login 


Login Page 


The default administrator login settings are: 

Login: admin 

Password: adminOI 

After successful administrator login you will see the main page of the device Web management 
interface. The device now is ready for configuration. 


4.1 AP Setup 

Follow the steps for initial wireless Access Point setup that will be prepared to accept wireless Station 
connections (refer to the section Initial Station Setup for instructions). 

Step 1 . Connect an Ethernet cable between your computer and the AP. 


Step 2. Make sure your computer is set to the same subnet as the AP, i.e. 192.168.2.150 


Step 3. Start your Web browser. 


Step 4. Each device uses following default settings: 

- WAN IP: 192.168.2.66 

■ Subnet mask: 255.255.255.0 

■ Username: admin 

■ Password: adminOI 

Step 5. Enter the default password, and then press the Login button to enter the AP web 
management page. 


Step 6. Navigate to the Configuration | Network tab and choose the Router network mode 
with NAT enabled. Static IP enabled on WAN side, LAN settings with DHCP server enabled (to loan 
an IP addresses for connected clients) on LAN side and click Save Appiy: 
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Status Configuration Services System Tools 


I Apply J ^ Discard J ^ Save & Apply j ^ Logout j 


Network j Wireless i Virtual AP i Wireless ACL i Traffic shaping i Port forwarding i Static routes 


Netv#ork mode i Router 


Ethernet speed auto 


y, NAT 


WAN, wired 


LAN, wireless 


MAC address 

VLAN ID 

00:19!3B:FF:1C!5F 

u 

IP address 

Subnet mask 

WAN mode 

^ static IP ▼ J 

DHCP mode 

IP address 

192.168.3.153 

IP address from 

Subnet mask 

255.255.255.0 

IP address to 

Default gateway 

192.168.3.1 

Subnet mask 

DNS server 1 

195.14.76.1 

Default gateway 

DNS server 2 


Lease time, s 

Enable secondary IP 

1_1 

DNS server 1 

IP address 


DNS server 2 

Subnet mask 



192.168.15.15 


255.255.255.0 


192.168.15.1 


192.168.15.254 


255.255.255.0 


192.168.15.15 


192.168.15.15 


Step 7. Navigate to the Configuration | Wireiess tab, choose Access Point wireless mode with WDS 
enabled, specify the SSID with Broadcast enabled. Security parameters and IEEE mode and click 

Save&Appiy: 

Apply I Discard j Save & Apply ^ Logout j 

Status Configuration Services System Tools 

^ Network Wireless j Virtual AP | Wireless ACL j Traffic shaping j Port forwarding j Static routes ^ 

Wireless mode ^ Access Point (auto WDS) ▼ J Country ^ UNITED STATES _^ 


SSID my AP 
Broadcast SSID yj 




Channel v^dth ^ 20/40 MHz Above ▼ J 
Channel , Auto ▼ 


Security 

Encryption 

Advanced 

Tx power (dBm) 
Enable ATPC 
Antenna gain, dBi 
Comply regulations 
Fragmentation 
RTS 


Personal WPA2 


Mode 
Max data rate 
Max data rate N 
Disable data rate fallback 


MIMO 2x2 


u 

u 


Short GI y 

MPDU density 4 


Quality of service (WMM) j_| 

Client isolation j_| 

Enable DFS j_| 

Enable AMSDU ]_j 


ACK timeout 




M 


Step 8. Verify connection. Navigate to Status | Information menu to check if the Station are 
successfully connected to the APC device: 
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1 Apply 1 Discard j Save 8 l Apply 

1 

Logout j, 

Status Configuration 

Services System 

Tools 



i 

I_I High contrast viev/ 

Information 

1 

Network 

Wireless Routes 

ARP Refresh 

j |_J Auto 

System information 



Wireless information 



Product 

GD-GEO20 


Connected 

1 peer(s) 


Friendly name 

AP 


Wireless mode 

Access Point 


Device location 

location 


IEEE mode 

N 


Latitu d e/ Lo n g itu d e 

O.O/O.O 


Max data rate N 

300 Mbps 


Firmv/are version 

FWBD-0100.V5.53.31473 

Country code 

US 


Uptime 

35 mins 1 sec 


Channel 

44 (5220 MHz) 


System time 

Ol-Jan-2010 00:34 


Channel width 

20/40 MHz Above 


Average load 

1 min: 0.34 

-! 34% 

Transmit pov/er 

25 dBm 



5 min: 0.37 *wi 

37% 





15 min: 0.27 ^ 

27% 

SSID details 






raO (my AP) 

Personal WPA2 TKIP 


Network mode: router 






WAN 



LAN 



IP address 

192.168.3.151 


IP address 

192.168.15.15 


Subnet mask 

255.255.255.0 


Subnet mask 

255.255.255.0 


Gatev^y 

192.168.3.1 


DHCP 

server 


DNS server 1 

195.14.162.78 





DNS server 2 







4.2 Station Setup 

Follow the steps for initial wireless client setup that will be connected to the previously configured AP 
(refer to the section Initial AP Setup). 

Step 1 . Connect an Ethernet cable between your computer and the GD-GEO20 device. 


Step 2. Make sure your computer is set to the same subnet as the APC, i.e. 192.168.2.150 


Step 3. Start your Web browser. 


Step 4. Each APC devices uses following default settings: 

- WAN IP: 192.168.2.66 

■ Subnet mask: 255.255.255.0 

■ Username: admin 

■ Password: adminOI 

Step 5. Enter the default password, and then press the Login button to enter the APC web 
management page. 


Step 6. Navigate to the Configuration | Network tab and choose the bridge network mode 
with, Dynamic IP enabled (be sure that AP to which the device will be associated has a DHCP server 
running ((refer to the section Initial AP Setup for instructions)), specify the DHCP fallback settings in 
case the DHCP server will be unreachable and click Save Appiy button: 
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Step 7. Navigate to the Configuration | Wireiess tab, choose Station WDS wireless mode, 
click Scan button near the SSID entry field to choose the SSID of the AP where the station will be 
associated to. Specify the Security parameters for the AP, check IEEE mode (these settings must 
conform to AP wireless settings) and click Save Appiy: 

I Apply j Discard j Save & Apply j Logout 

Status Configuration Services System Tools 



Step 8. Verify connection. Navigate to the Status | Network page. The Network page will 
show main network information about association with AP: 
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^ Apply j ^ Discard j Save & Apply ^ Logout 

Status Configuration Services System Tools 

I_I High contrast viev/ Information Network . j Routes | ARP ^ Refresh j j_j Auto 

Network 


Interface 

IP address 

MAC address 

RX packets 

RX errors 

TX packets 

TX errors 

brO 

192.168.4.1 

00:19;3B:FB:71:80 

1867 

0 

1947 

0 

ethO 

0.0.0.0 

00:19!3B:FF:1C:60 

3713 

0 

3427 

0 

raO (my AP) 

0.0.0.0 

00:19:3B:FB:71:80 

11045 

0 

271 

0 


brX: bridge 
ethO: ethernet 
raX: wireless 

raX.Y, ethO.Y; Y stands for VLAN ID 


The main Status | Information page will display wireless information of the link with access point. 

The connection status must be displayed as Connected and progress bars indicating the quality of the 
connection must be displayed: 





Apply 1 Discard j | Save & Apply i 

1 Logout ^ 

Status Configuration 

Services System 

Tools 




j_1 High contrast view 

Information 

Network 

ir.rie: Routes 

ARP 1 Refresh 

j 1_1 Auto 

System information 



Wireless information 



Product 

GD-GEO20 


Connection status 

Connected 


Friendly name 

Device name 


Signal level (Main) 

^ ! -46 dBm 


Device location 

Device location 


Signal level (Aux) 

-40 dBm 


Latitude/Longitude 

0.0/0.0 


Noise level 

-95 dBm 


Firmv/are version 

FWBD-0100.V5.77.37763 

Wireless mode 

Station WDS 


Uptime 

2 hours 48 mins 45 secs 


IEEE mode 

N 


System time 

Ol-Jan-2011 02:48 


Data rate 

144 Mbps 


Average load 

1 min: 0.41 ^ 

41% 

SSID 

my AP 



5 min: 0.46 

“1 46% 

Peer MAC address 

00:19:3B:FB:71:7C 



15 min: 0.24 

— J 24% 







Security 

Open 





Country code 

US 





Channel 

165 (5825 MHz) 





Channel width 

20/40 MHz Above 





Transmit pov#er 

20 dBm 


Network mode: bridge 






IP address 

192.168.4.1 





Subnet mask 

255.255.255.0 





Gatev/ay 

192.168.4.66 





DNS server 1 

192.168.4.66 





DNS server 2 
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5 Network Mode 

5.1 Bridge Mode 

The device can act as a wireless network bridge and establish wireless links with other APs. In this 
mode all LAN port and Wireless interface will be a part of the Bridge. 



Bridge Mode 

With a Bridge, all connected computers are in the same network subnet. The only data that is allowed 
to cross the bridge is data that is being sent to a valid address on the other side of the bridge. 


5.2 Router Mode 

In router mode the device will receive internet through WAN port and will share it to the LAN ports that 
will be separated with a different IP range. The type of connection to the WAN interface can be made 
by Static IP, DHCP client or PPPoE client. 
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6 Device Operation 

6.1 Web Management Structure 


The main web management menu is displayed after successfully login into the system (see the figure 
below). From this menu aii essentiai configuration pages are accessed. The active menu tab is 
displayed in a different color: 





I Apply j 1 Discard I I Save & Apply I I 

Logout j 

Status Configuration 

Services System 

Tools 




I_I High contrast view 

Information 

Network 

Wireless Routes 

ARP 1 Refresh J j_j 

Auto 

System information 



Wireless information 



Product 

GD-GEO20 


Connected 

1 peer(s) 


Friendly name 

Device name 


Wireless mode 

Access Point (auto WDS) 


Device location 

Device location 


IEEE mode 

N 


Latitude/Longitude 

O.O/O.O 


Max data rate N 

144 Mbps 


Firmware version 

FWBD-0100.v5.77.37763 

Country code 

US 


Uptime 

1 day 0:36:52 


Channel 

165 (5825 MHz) 


System time 

02-Jan-2011 00:36 


Channel v/idth 

20 MHz 


Average load 

1 min: 0.06 * 

^ 6% 

Transmit pov/er 

20 dBm 



5 min: 0.12 ■■ ' 

-1 12% 





15 min: 0.09 it 

-' 9% 

SSID details 






II raO (my AP) 

Open 


Network mode: router 






WAN 



LAN 



IP address 

192.168.3.151 


IP address 

192.168.4.66 


Subnet mask 

255.255.255.0 


Subnet mask 

255.255.255.0 


Gatev/ay 

192.168.3.1 


DHCP 

server 


DNS server 1 

195.14.162.78 





DNS server 2 







Figure 7 - Main Web Management Menu 


By default the Status | Information menu is activated where the main device information is dispiayed. 
The AP web management menu has the foiiowing structure: 

Status 


Information - displays general information of the device. 


Network - dispiays main network and wireless statistics of the device. 

Wireiess- dispiays information about connected stations on the particular interface (oniy on 
Station wireiess mode). 

Routes - displays unit’s route tabie. 

ARP - dispiays ARP table. 

Configuration 

Network - network mode, Ethernet speed, IP settings, management and data VLANs, DHCP, 
PPPoE. 


Wireless - specify wireless mode (AP, Station, iPoll AP, iPoll Station), country, SSiD, IEEE 
Mode, channel configuration, security, advanced radio settings. 

Virtual AP - create and setup virtual AP (only in AP wireiess mode). 

Wireless ACL - access control by MAC address (only in AP and IPoii AP wireless modes). 
Traffic shaping - download and upload traffic controi. 

Port forwarding - port forwarding rules (only in router network mode for AP and IPoll AP). 


Static routes - static route rules (only in router network mode for AP and iPoii AP). 
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Services 

WNMS - set WNMS server/collector URL allowing remote device configuration and monitoring. 
System Alerts - set alerts which can be sent via SNMP Traps or/and SMTP notifications. SNMP 
- SNMP service settings allowing remote device monitoring. 

Clock/NTP - set device date manually or enable and configure NTP service. 

SSH - control SSH connection. 

HTTP - control HTTP connection. 

System 

Administration - change password, reboot, restore factory default settings, backup/restore 
configuration, troubleshooting file support. 

Log - view device log, set system log forwarding settings. 

LED - control operation of LEDs. 

Firmware upgrade - upgrade device firmware. 

Tools 

Antenna alignment - measure received signal quality of the wireless link to align antenna in the 
best direction. 

Site Survey - information about other wireless networks in the local area. 

Delayed reboot - setup delayed reboot for APC unit. 

Ping - perform ping command. 

Traceroute- perform graphical traceroute command. 

Spectrum analyzer - check the signal strength on available channels. 


6.2 Appling and Saving Configuration Changes 

There are three general buttons located on the right top corner of the WEB GUI allowing managing 
device configuration: 

Apply - if pressed new configuration settings are applied instantly. It will take few seconds and 
the device will be running with new settings. It should be noted that pressing Apply button 
settings are not written to the permanent memory. Therefore, if the device is rebooted it will 
start with old configuration settings. 

Discard - if pressed parameter changes are discarded. It should be noted that if Apply or 
Save Apply is pressed it is not possible to discard changes. 

Save Apply - if pressed new configuration settings are applied instantly and written to the 
Permanent memory. 

It is not required to press Apply or Save Apply in every Web GUI tab. The device remembers all 
changes made in every tab and after action button is used, all changes will be applied. 
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7 Configuration 

7.1 Status 

7.1.1 Information 

The Information page displays a summary of status information of your device. It shows important 
information for the APC operating mode, network settings. 





1 Apply 1 Discard Save &. Apply 

^ Logout 

Status Configuration 

Services System 

Tools 




1_I High contrast viev/ 

Information 

Network j 

Vv .--1 Routes j , 

ARP ^ Refresh 

J U 

System information 



Wireless information 



Product 

CPE MiMo 


Connection status 

Connected 


Friendly name 

5.53 CPE 


Signal level (Main) 

-35 dBm 


Device location 

Device location 


Signal level (Aux) 

-31 dBm 


La titu d e/Lo n g itu d e 

O.O/O.O 


Noise level 

-95 dBm 


Firmware version 

FWBD-0100.v5.53.31015 

Wireless mode 

Station 


Uptime 

1 day 2:51:14 


IEEE mode 

N 


System time 

02-Jan-2010 02:51 


Data rate 

300 Mbps 


Average load 

1 min: 0.21 

-1 21% 

SSID 

5.53 AP 



5 min: 0.18 M ! 

18% 

Security 

Personal WPA2 TKIP 



15 min: 0.15 

15% 







Country code 

US 





Channel 

44 (5220 MHz) 





1 Channel width 

20/40 MHz Above 





|j Transmit power 

25 dBm 


Network mode: bridge 






IP address 

192.158.3.152 





Subnet mask 

255.255.255.0 





Gatev/ay 

192.158.3.1 





DNS server 1 






DNS server 2 







System information - displays general information about the device. 

Wireiess information - displays general information about the wireless network. The wireless 
information will differ on Access Point, Station, iPoll wireless modes: 

- AP mode - displays access point operating information, number of connected clients and SSID 
details (including VAPs). 

■ Station mode - displays settings at which the station is connected to the access point. 

■ iPoii AP - displays iPoll access point operating information, number of connected wireless 
Stations. 

■ iPoii Station - displays settings at which the iPoll wireless station is connected to the iPoll 
Access point. 

Network mode - displays short summary of the APC current network configuration (bridge or router). 
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7.1.2 Status Network 

The Network sections displays statistics of the network interfaces and DHCP leases (depending on 
network mode): 

Apply ^ Discard j ^ Save & Apply j | Logout 

Status Configuration Services System Tools 


1 _j High contrast 

Network 

WAN 

Interface 

ethO 

viev/ 

Information Network 

1 Wireless j 

Routes j ARP 

L 

Refresh j | _j 

IP address 

192.168.3.151 

MAC address 

00:19:3B:FF:1C:5F 

RX packets 

62238585 

RX errors 

0 

TX packets 

8509 

TX errors 

0 

LAN 







Interface 

IP address 

MAC address 

RX packets 

RX errors 

TX packets 

TX errors 

brO 

192.168.4.66 

00:19:3B:FB:71:7C 

21012 

0 

61 

0 

raO (my AP) 

0.0.0.0 

00:19:3B:FB:71:7C 

30117 

0 

18153 

372 


brX: bridge 
ethO: ethernet 
raX: wireless 

raX.Y, ethO.Y; Y stands for VLAN ID 

DHCP leases 

MAC address IP address Expires in 

00:19;3B:FB:71:80 192.168.4.1 22 hours, 48 minutes, 44 seconds 

Figure 9 - Network Statistics 

Interface - displays the interface name. The SSID name is displayed in the brackets near the radio 
interface (and VAPs). 

IP address - displays the IP address of the particular interface. 

MAC - displays the MAC address of the particular interface. 

Received - displays the number of received packets. 

RX errors - displays the number of the RX errors. 

Transmitted - displays the number of transmitted packets. 

TX errors - displays the number of the TX errors. 

DHCP leases - table displays information about leased DHCP addresses. 


7.1.3 Wireless 

Status Wireless section is not available if APC is operating in Station wireless mode. All necessary 
information about wireless connection with AP unit is under Information section. 


The Wireless statistics displays the receive/transmit statistics of successfully associated wireless 
clients: 





[ Apply J 1 

Discard 1 I Save & Apply I 

Logout 

Status Configuration 

Services 

System Tools 












1 1 High contrast viev/ 

Information | Network 

Wireless | Routes 

1 

^ Refresh 

J U 

raO (my AP) 







Peer MAC 

Signal, dBm 

Noise, dBm 

IEEE mode 

Data rate. Mbps 

Connection time 

00:19:3B:FB:71:80 • 

-26/-26 

-95 

N 

144 

0:23:54 
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In case the access point has more than one wireless interface (VAPs), the appropriate number of 
tables with information about connected wireless clients will be displayed. 

Peer MAC - displays MAC address of the successfully connected wireless client. 

Signal - indicates the signal strength of the access point main and auxiliary antennas that the station 
communicates with displayed dB. 

Noise - displays the noise level in dBm. 

IEEE mode - displays the IEEE mode at which the access point communicates with the particular 
station. 

Data rate - displays the data rate at which the access point communicates with the particular station. 
Connection time - displays the duration of the session. 


7.1.4 Routes 

The Routes page displays the routing table for each interface: 

^ Apply j ^ Discard j Save & App>y 


Logout 


Status Configuration Services System 


Tools 


1 _j High contrast view 

Information i 

'S, 1 

Network j 

1 Wireless Routes 

ARP 1 Refresh j | _j Auto 

Routes table 





Network 

Netmask 


Gateway 

Interface 

192,168.4.0 

255.255.255.0 


* 

brO 

192.168.3.0 

255,255.255.0 


* 

ethO 

default 

0.0.0.0 


192.168.3.1 

ethO 


7.1.5 ARP 

The ARP page displays the ARP (Address Resolution Protocol) table currently recorded on the 
device. Use Refresh button to reload ARP table results. 







1 Apply J 

1 Dlsca rd J 

1 Save & Apply j 

Logout J 

Status 

Con figuration 

Services 

System 

Tools 






I _ I High contrast viev/ ^ Information | Network | Wireless | Routes ARP y Refresh j |_| Auto 


Address resolution protocol cache 

MAC IP address Interface 

00i0Ci43:2S:G0:34 192.1GS.3. L51 brO 

00iG0:E0:E2:3A:95 192.1GS.3.1 brO 


7.2 Configuration 

7.2.1 Network 

The Configuration | Network page allows you to control the network configuration and settings of the 
device. First, the device operation mode must be defined to work as a bridge or router. The content of 
the window varies depending on your selection: 
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App^ j . Discard Save & Apply J ^ Logout J 

Status Configuration Services System Tools 

Network Wireless Vn-h_jjlAr \.v A I Traffic shaping Port forwarding Static routes 


Network mode 

1 Router 

▼ 

Ethernet speed auto 

-J 

WAN interface 

Bridge 

Router 





iV[ WAI 





Network mode - choose the device operating mode [bridge/router] 

■ Bridge - in this mode the device works as transparent bridge interconnecting wireless network 
and LAN port. The Firewall related functions and NAT are not available in this mode. 

■ Router - in this mode the device works as router between wireless network and all LAN ports. 

Ethernet speed - configures the Ethernet link speed and the duplex mode of the Ethernet port. 
Choose "auto" for automatic detection of link speed and duplex mode. 

Network settings will vary according to the selected Network mode. The Bridge mode allows 
configuring device LAN IP settings, while the Router mode requires more parameters such as LAN 
network settings, WAN network settings, LAN DHCP settings. 


7.2.2 Bridge Mode 

Port forwarding and Static routes are not available on Bridge mode. 


When device is configured to operate in Bridge mode, only device LAN settings should be configured 
on the Network page: 




1 Apply 1 , Discard 

1 Save & Apply 

Logout 

Status Configuration Services System Tools 

Network | 

Wireless ^ Virtual AP | Wireless ACL 

1 Traffic shaping | 








Netv#ork mode ^ 

Bridge ▼ j 

Ethernet speed | auto 

’J 


IP settings 


VLAN to SSID mapping 



Method 

, Static IP ▼ 


|_J raO (bites 5.53 AP) 


IP address 

Static IP 




Subnet mask 

Dynamic IP 

Management VLAN 



255.2^37255 







1_j Enable 


Default gatev/ay 

192.168.3.1 






Management VLAN ID 



DNS server 1 

195.14.162.78 






Restrict management to 

,v 


DNS server 2 










Enable IP alias 





IP address 

192.168.2.66 




Subnet mask 

255.255.255.0 





IP Settings 


When assigning IP address make sure that the chosen IP address is unused and belongs to the same 
IP subnet as your wired LAN, otherwise you will lose the connection to the device from your current PC. 
If you enable the DHCP client, the browser will lose the connection after saving, because the IP 
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address assigned by the DHCP server is not predictable. 

Method - specify IP reception method: IP addresses can either be retrieved from a DHCP server or 
configured manually: 

■ Static IP - the IP address must be specified manually. 

- Dynamic IP - the IP address for this device will be assigned from the DHCP server. If DHCP 
Server is not available; the device will try to get an IP. If has no success, it will use a fallback IP 
address (default fallback IP is 192.168.2.66). The fallback IP settings can be changed to custom 
values. 

IP Address - specify IP address for device 
Subnet mask - specify a subnet mask for device. 

Default gateway - specify a gateway IP address for device. 

DNS server - specify the Domain Naming Server. 

Enable IP alias - specify the alternative IP address and the netmaskfor APC unit management. 


VLAN to SSID Mapping 

Virtual Local Area Networks (VLANs) are logical groupings of network resources. 

VLAN to SSID mapping 

2 ^ raO (my AP) 


VLAN to SSID mapping - specify the VLAN ID for traffic tagging on required radio interface [2-4095]. 
The Station devices that associate using the particular SSID will be grouped into this VLAN. 


Management VLAN 

Avaiiabie oniy on Bridge network mode. 

Access to the AP for management purposes can further be limited using VLAN tagging. By defining 
Management VLAN, the device will only accept management frames that have the appropriate 
Management VLAN ID. All other frames using any management protocol will be rejected. 

When you specify a new management VLAN, your HTTP connection to the device wiii be iost. For 
this reason, you should have a connection between your management station and a port in the 
new management VLAN or connect to the new management VLAN through a muiti-VLAN router. 


Management VLAN 



1 Enable 

Management VLAN ID 

123 

Restrict management to 

1^1 ethO 


LJ raO 


Enabie - select to enable a VLAN tagging for management traffic. 

Management VLAN ID - specify the VLAN ID [2-4095]. When device interfaces are configured with a 
specific VLAN ID value, only management frames that matching configured VLAN ID will be accepted 
by device. 
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Restrict management to interfaces - select interfaces that will be restricted with management 
VLAN. 


7.2.3 Router Mode 

This section allows customizing parameters of the Router to suit the needs of network, including 
ability to use the built-in DHCP server. When device is configured to operate as Router, the following 
sections should be specified: WAN network settings, LAN network settings and LAN DHCP settings. 


Apply ^ Discard j ^ Save & Apply j ^ Logout j 

Status Configuration Services System Tools 

Network i Wireless i VirTL^I Af i Wireless ACL i Traffic shaping i Port forwarding i Static routes 


Netv/ork mode 


Router 

NAT 


Ethernet speed 


^ auto 


WAN, wired 

MAC address 
VLAN ID 
WAN mode 
IP address 
Subnet mask 
Default gatev^y 
DNS server 1 
DNS server 2 
Enable secondary IP 
IP address 
Subnet mask 


00:19:3B:FF:1C:5F 


192.168.3.151 


255.255.255.0 


192.168.3.1 


195.14.162.78 


u 


LAN, wireless 


IP address 192.168.4.66 


Subnet mask 255.255.255.0 


DHCP mode , disabled 


Enable NAT - select to enable NAT (Network Address Translation), that functions by transforming the 
private IP address of packets originating from hosts on your network so that they appear to be coming 
from a single public IP address and by restoring the destination public IP address to the appropriate 
private IP address for packets entering the private network, the multiple PCs on your network would 
then appear as a single client to the WAN interface. 


WAN Settings 


WAN network settings include settings related to the WAN interface. The access type of the WAN 
interface can be configured as: Static IP, Dynamic IP, PPPoE client. 

WAN mode - choose Static IP to specify IP settings for device WAN interface 


MAC 
VI_AN ID 

WAN mode 
IP address 
Subnet mask 


00;0C;43;2S;S0;30 


Static IP 


192.1SS.3.152 


255.255.255.0 


Default gatev/ay 192.1SS.3.1 
DNS server 1 
DNS server 2 
Enable IP alias 
IP address 
Subnet mask 255.255.255.0 


U 
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MAC address - specify the clone MAC address if required. The ISPs registers the MAC address of the 
router, and allows only that MAC address to connect to their network. In such case if there is need to 
change hardware (router), you need to notify your ISP about MAC address change, or simply set 
The router’s MAC address to the MAC address of the previously router/computer. 

VLAN ID - specify the VLAN ID for traffic tagging on required radio interface [2-4095]. The Station 
devices that associate using the particular SSID will be grouped into this VLAN. 

WAN mode - choose Static IP to specify IP settings manually. This option needs parameters listed 
below: 

IP address - specify static IP address. 

Subnet mask - specify a subnet mask. 

Default gateway - specify a gateway. 

DNS server - specify primary and/or secondary DNS server 

Enable IP alias - specify the alternative IP address and the netmask for APC unit management. 


WAN mode - choose Dynamic IP to enable DHCP client on the WAN side. This option does not need 
Any parameters. 

WAN 

MAC 00i0Ci43:2S;60:30 
VLAN ID |_1 

WAN mode Dynamic IP t ^ 

DHCP fallback settin 
IP address 
Subnet mask 
Default gatev/ay 

□ NS ser\'er L 

□ NS ser^'er 2 
Enable IP alias 

IP address 
Subnet mask 


L92.1GS.3.153 


255.255.255.0 


gs: 



MAC address - specify the clone MAC address if required. The ISPs registers the MAC address of the 
router, and allows only that MAC address to connect to their network. In such case if there is need to 
change hardware (router), you need to notify your ISP about MAC address change, or simply set 
The router’s MAC address to the MAC address of the previously router/computer. 

VLAN ID - specify the VLAN ID for traffic tagging on required radio interface [2-4095]. The Station 
devices that associate using the particular SSID will be grouped into this VLAN. 

DHCP fallback setting - specify IP address. Subnet mask. Default gateway and optionally DNS 
server for DHCP fallback. In case the APC unit will not get the IP address from the DHCP, the 
specified fallback IP settings will be used. 

Enable IP alias - specify the alternative IP address and the netmask for APC unit management. 
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WAN mode - choose PPPoE to configure WAN interface to connect to an ISP via a PPPoE: 


WAN 


MAC 00:0C:43:2S:G0:30 
VLAN ID 


U 


WAN mode 
IP address 
Subnet mask 
Default gatevray 
Username 
Passvjfo rd 


PPPoE 




MTU size 1500 

DNS settings Obtain DNS automatl t j 
DNS ser\'er 1 
DNS ser\’er 2 
Enable IP alias I'^i 


IP address 192.1GS.3.153 


Subnet mask 255.255.255.0 


MAC address - specify the clone MAC address if required. The ISPs registers the MAC address of the 
router, and allows only that MAC address to connect to their network. In such case if there is need to 
change hardware (router), you need to notify your ISP about MAC address change, or simply set 
The router’s MAC address to the MAC address of the previously router/computer. 

VLAN ID - specify the VLAN ID for traffic tagging on required radio interface [2-4095]. The Station 
devices that associate using the particular SSID will be grouped into this VLAN. 

User name - specify the user name for PPPoE. 

Password - specify the password for PPPoE. 

MTU - specify the MTU (Maximum Transmission Unit). The default value is 1500 bytes. 

DNS settings - allows selecting if automatically assigned or alternative DNS servers should be used. 
Enable IP alias - specify the alternative IP address and the netmask for APC unit management. 


LAN Network Settings 

LAN network settings includes settings related to the LAN interface 

LAN 


IP address 192.168.2.66 


Subnet mask 255.255.255.0 


IP address - specify the IP address of the device LAN interface. 
Subnet mask - specify the subnet mask of the device LAN interface. 
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LAN DHCP Settings 

DHCP mode - choose disabled to disable DHCP on LAN interface. 


DHCP mode | disabled t 


DHCP mode - choose relay to enable DHCP relay. The DHCP relay forwards DHCP messages 
between subnets with different sub layer broadcast domains. 

DHCP mode | relay t ^ 


DHCP mode - choose server to enable DHCP server on LAN interface. 

DHCP mode 
IP address from 
IP address to 
Subnet mask 
Default gateway 
Lease time, s 
DNS server 1 
DNS server 2 



192.1SS.2.1 


192.1SS.2.254 


255.255.255.0 


192.1SS.2.6S 


SOO 


192.1SS.2.6S 


IP address from - specify the starting IP address of the DHCP address pool. 

IP address to - specify the ending IP address of DHCP address pool. 

Subnet mask - specify the subnet mask. 

Default gateway - specify DHCP gateway IP address. 

Lease time - specify the expiration time in seconds for the IP address assigned by the DHCP server. 
DNS server - specify the DNS server IP address. 


7.2.4 Wireless 

The Wireless tab is divided in three sections: Basic, Security and Advanced configuration sections. 
The Basic section contains all parameters that required to configure in order have working wireless 
link. Security section is used to select authentication and encryption settings. Advanced section 
contains parameters allowing optimizing the link capacity. 

Before changing radio settings manuaiiy verify that your settings wiii compiy with iocai 
government reguiations. At aii times, it is the responsibiiity of the end-user to ensure that the 
instaiiation compiies with iocai radio reguiations. 

The APC device can operate in four wireless modes: Access Point, Station, Station WDS, iPoll 
Access Point and iPoll Station. 
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Apply 

Discard | 

Save & Apply 

Logout 

Status 

Configuration 

Services 

System 

Tools 






Network Wireless ] Virtual AP I Wireless ACL i Traffic shaping | Port forwarding i Static routes 


Wireless mode ^ Access Point (auto WPS) ▼ J Country ^ UNITED STATES _^ 

Access Point (auto WDS) 

Basic 


Station WDS 
Station 

Broadci jpoll Access Point 
iPoll Station 


IEEE mode 1 N 


Channel width 20/40 MHz Above ▼ J 
Channel i Auto ▼ I 


Channel list 


Depending on the wireless operation mode selection some of the displayed configuration parameters 

will differ (e.g. security or advanced wireless settings). 

Wireless mode - select wireless operation mode: 

■ Access Point (auto WDS)) - enables the APC radio function as an access point. When in AP 
mode, wireless clients can see the AP broadcast and associate to it if settings are configured 
correctly. 

■ Station - sets the radio to run in client mode. In this mode wireless station does not broadcast an 
SSID and clients cannot connect to it. Station mode allows the APC radio to connect to other 
radios functioning as an AP. 

■ Station WDS - a wireless station will communicate with access point in WDS mode. Station WDS 
Mode enables packet forwarding at layer 2 level. 

- iPoll Access Point - enables APC radio function as access point for point-to-multipoint solution. 
The iPoll Access Point accepts only iPoll Station requests. 

■ iPoii Station - enables APC radio function as wireless station for point-to-multipoint solution. The 
iPoll Station can establish a link only with iPoll Access point. 

Be sure that both ends of the iink have the appropriate wireiess mode, otherwise the 
connection wiii be not estabiished (e.g. iPoii Station is abie to estabiish a connection oniy with 
iPoil AP). 

Country - choose from the drop-down list the country in which the APC will operate. The channel list, 

transmit power limits, IEEE 802.11 mode will be adjusted according to the regulations of the selected 

country. 
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7.2.5 Wireless Mode: Access Point 

Use Basic Wireless Settings to setup radio interface of the device. 

Apply I Discard i Save & Apply > Logout 

Status Configuration Services System Tools 

Network Wireless Virtual AP Wireless ACL Traffic shaping Port forwarding Static routes 


Wireless mode ^ Access Point (auto WDS) 

▼ J Country 

[ UNITED STATES ▼ J 



Basic 






SSID 

my AP 


IEEE mode 

A/N mixed 

-J 

Broadcast SSID 



Channel vadth 

[ 20/40 MHz Above 

"J 




Channel 

Auto 

▼ 





Channel list 


Security 






Security 

^ Open 

_J 




Advanced 






Tx pov#er (dBm) 


20 

Mode 

[ MIMO 2x2 

"J 

Enable ATPC 

U 


Max data rate 

54 

▼ 

Antenna gain, dBi 



Max data rate N 

300 (MCS15) 

▼ 

Comply regulations 

u 


Disable data rate fallback 



Fragmentation 

sS= -- 

' u 

Short GI 



RTS 


u 

MPDU density 

1 ^ 

^ J 

Quality of service (WMM) 

l—l 

ACK timeout 

Distance 

▼ 

Client isolation 

LJ 



C_ 

0 

Enable DFS 

1—1 



Kilometers 

Miles 

Enable AMSDU 

LJ 






Basic Wireless Settings 

SSID - specify the SSID of the wireless network device. 

Broadcast SSID - enables or disables the broadcasting of the SSID for AP. 

IEEE mode - specify the wireless network mode. 

Channel width - The default channel bandwidth for 802.11 radio is 20MHz. The 802.11 n allow 
channel bonding in such way the total channel width becomes 40MHz. 

Channel - select the channel from the drop-down list or option Auto for auto channel. Automatic 
channel selection allows Access Point to select a channel which is not used by any other wireless 
device or, if there are no free channels available - to select a channel which is least occupied. 

Channel list - select the channels to create a channel list for auto channel. 

Security Settings 

Both sides (AP and Station) of the iink must have the same security settings. 

Device supports various authentication/encryption methods: 
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■ Open - no encryption. 

■ WEP - 64bit and 128bit key. 

■ Personal - preshared key encryption with WPA/WPA2 using AES or TKIP. 

■ Enterprise - RADIUS server based authentication with WPA/WPA2 encryption using AES or 
TKIP (requires configured RADIUS server). 

■ UAM - Web browser based user authentication method. UAM authentication is available only if 
Access Point is working in router mode. For UAM configuration details refer at the respective 
chapter Universal Access Method (UAM). 

By default there is no encryption enabled on the device: 


Security 


Security ^ Open ▼ 

1 



WEP encryption can be either 64bit or 1 28bit: 


Security 


Security ^ WEP 64bft 



WEP passkey - specify the passkey, for the chosen WEP security: 

■ For WEP 64bit encryption - 5 HEX pairs (e.g. aa:bb:cc:dd:ee), or 5 ASCII characters (e.g. 
abcde); 

■ For WEP 128bit encryption - 13 HEX pairs (e.g. aa:bb:cc:dd:ee:ff:gg:hh:00:11:22:33:44), or 13 
ASCII characters (e.g. abcdefghijkim); 


To setup Personal WPA/WPA2 encryption, need to specify the pre-shared key and encryption with 
chosen AES, TKIP or Auto method: 

Security 


Security 

^ Personal WPA2 

▼ 1 

Passphrase 


Encryption 

AES 

▼ 1 




Passphrase- specify WPA or WPA2 passphrase [8-63 characters]. The passphrase will be 
converted to key format, selected above. 

Encryption - specify WPAWPA2 encryption algorithm: 

■ AES - APC will accept clients with passphrase encrypted with AES method only; 

■ TKIP - APC will accept clients with passphrase encrypted with TKIP method only; 

■ Auto - APC will accept clients with passphrase encrypted with both: AES and TKIP methods; 


AP has possibility to configure Enterprise WPA/WPA2 encryption with RADIUS authentication. 
Properly configured AP will accept wireless stations requests and will send the information to 
configured RADIUS server for client authentication. 


Security 


Security 

Encryption 



RADIUS IP 
RADIUS port 
RADIUS key 


192.166.72.110 


1812 



The properly configured RADIUS server is required for Enterprise WPA/WPA2 encryption. 
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Encryption - specify WPA/WPA2 encryption algorithm: 

■ AES - AP will accept clients with passphrase encrypted with AES method; 

■ TKIP - AP will accept clients with passphrase encrypted with TKIP method; 

■ Auto - AP will accept clients with passphrase encrypted with both: AES and TKIP methods; 

RADIUS authentication settings: 

RADIUS IP - specify the IP address of the authentication RADIUS server where the authentication 
requests will be send to. 

RADIUS port - specify the network port used to communicate with the RADIUS authentication server. 
Default: 1812 for authentication. 

RADIUS key - specify the secret key of the authentication server [string]. The shared secret is used 
to encrypt data packets transmitted between RADIUS server and client. 

Shared secrets must be the same on the RADIUS servers and the RADIUS client. 


Advanced Wireless Settings 

Advanced parameters allow configuring the device to get the best performance/capacity of the link. 


Advanced 

Tx pov^r (dBm) 
Enable ATPC 
Antenna gain, dBi 

Comply regulations 
Fragmentation 
RTS 

Quality of service (WMM) 
Client isolation 
Enable DFS 
Enable AMSDU 


20 


Mode 
Max data rate 
Max data rate N 
Disable data rate fallback 
Short GI 
MPDU density 
ACK timeout 


MIMO 2x2 


54 


300 (MCS15) 


L^J 

4 


Distance 


! 


Kilometers 


0 

Miles 


Tx power - set the unit's transmitting power at which the device will transmit data. The larger the 
distance, the higher transmit power is required. To set transmit power level use the slider or enter the 
value manually. When entering the transmit power value manually, the slider position will change 
according to the entered value. The maximum transmit power level is limited to the allowed value by 
country in which device is operating regulatory agency. 


Enable ATPC - select to enable Automatic Transmit Power Control (ATPC). If enabled, device radio 
will continuously communicate with remote unit’s radio in order to adjust the optimal transmit power 
Automatically. 

Antenna Gain, dBi - displays integrated antenna gain in dBi. This entry field will be editable for the 
connectorized antennas where the custom value of the antenna gain must be specified. 

Comply regulations - if enabled, the APC will automatically adjust radio settings (transmit power and 
DFS) to conform regulatory rules of the selected country. 

Fragmentation - specify the Fragmentation threshold using slider or enter the value manually [256- 
2346 bytesj. This is the maximum size for a packet before data is fragmented into multiple packets. 
Setting the Fragmentation threshold too low may result in poor network performance. Only minor 
modifications of this value are recommended. 


RTS - specify the RTS threshold using slider or enter the value manually [0-2347 bytesj. The RTS 
threshold determines the packet size of a transmission and, through the use of an access point, helps 
control traffic flow. 


Quality of service (WMM) - enable to support quality of service for traffic prioritizing. 
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Client isolation - select to enable the layer 2 isolation that blocks clients from communicating with 
each other. Client isolations is available only in Access Point (auto WDS) mode. 

Enable DFS - select to enable radar detection. With enabled DFS, APC unit monitors the operating 
frequency for radar signals. If radar signals are detected on the channel, the APC unit randomly 
selects a different channel. 

Enable AMSDU - enable the AMSDU packet aggregation. If enabled, the maximum size of the 
802.11 MAC frames will be increased. 

Mode - choose the AP antenna operating mode: 

■ SISO - single input single output. The device will use only one antenna for data transfer. The 
antenna will be chosen automatically. 

■ MIMO - multiple input multiple outputs. The device will use two antennas for data transfer (two 
Simultaneous streams). 

Max data rate - choose the maximum data rate in Mbps at which should transmit packets. The APC 
Will attempts to transmit data at the highest data rate set. If there will be an interference encountered. 
The APC will step down to the highest rate that allows data transmission. 

Max data rate N - choose the data rates in Mbps at which should transmit packets for the selected 
802.11 n mode. The APC will attempts to transmit data at the highest data rate set. If there will be an 
interference encountered, the APC will step down to the highest rate that allows data transmission. 

Disable data rate fallback - when this option is selected, the constant Max data rate will be set 
without a step back to the next highest data rate for APC data transmission. 

Short Gl - enable short guard interval. If selected, then 400ns value will be used, else 800ns. 

MPDU density - define minimum time between PPDU"s. 

ACK timeout - specify the ACK timeout using slider or enter the value manually. Ack timeout can be 
entered by defining the link distance or specifying time value. Too low value of the ACK timeout will 
give very low throughput. A high value may slow down the link in noisy environment. A low value is far 
worse than a value slightly too high. ACK Timeout value should be tuned to the optimal value for the 
maximum link throughput. 

7.2.6 Wireless Mode: Station 

Station WDS has the same wireless settings. 

The Station wireless settings a bit differ from the Access Point’s settings: there is possibility to scan 
SSID of the surrounding APs and choose the required one. 

Use Wireless Settings to setup radio interface of the device. 

Basi-c 

SSID 33ID [ Scan ] 

Scanned SSID^ 


IEEE mode |N_ t 

Channel vjridth ^ 20/40 MHz Above t 


Basic Wireless Settings 

SSID - specify the SSID of the wireless network device. 

Scan - click this button to scan for surrounding wireless networks. Found network SSID"s will be 
Available in drop down menu. 

IEEE mode - specify the wireless network mode. 

Channel width - The default channel bandwidth for 802.11 radio is 20MHz. The 802.11 n allow 
channel bonding in such way the total channel width becomes 40MHz. 


Security Settings 
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Both sides (AP and Station) of the link must have the same security settings. 

Device supports various authentication/encryption methods: 

■ Open - no encryption. 

■ WEP - 64bit and 128bit key. 

■ Personal - preshared key encryption with WPA/WPA2 using AES or TKIP. 

■ Enterprise - RADIUS server based authentication with WPA/WPA2 encryption using AES or 
TKIP (requires configured RADIUS server). 

By default there is no encryption enabled on the device: 

Security 

Security i Open ▼ | 


WEP encryption can be either 64bit or 1 28bit: 

Security 

Security j WEP 64bit ▼ I WEP passkey 


WEP passkey - specify the passkey, for the chosen WEP security: 

■ For WEP 64bit encryption - 5 HEX pairs (e.g. aa:bb:cc:dd:ee), or 5 ASCII characters (e.g. 
abcde); 

■ For WEP 128bit encryption - 13 HEX pairs (e.g. aa:bb:cc:dd:ee:ff:gg:hh:00:11:22:33:44), or 13 
ASCII characters (e.g. abcdefghijkim); 


Personal WPA/WPA2 encryption must be specified with the pre-shared key, encrypted with chosen 
AES or TKIP method (Auto mode on Station is not available): 


Security 






Security ^ Personal WPA2 

"J 

Passphrase 



Encryption AES 

▼ ' 




Passphrase - specify the WPA or WPA2 passphrase [8-63 characters]. The passphrase will be 
converted to key format, selected above. 

Encryption - specify the encryption algorithm: 

■ AES - passphrase encrypted with AES method. 

■ TKIP - passphrase encrypted with TKIP method. 


APC has possibility to use Enterprise WPA/WPA2 encryption with RADIUS authentication. Station 
will send requests to AP, which will redirect authentication parameters to required RADIUS server. 


Security 

Security 
Encryption 
EAP method 



EAP-TTLS/MSCHAPv2 ▼ ^ 


Identity 

Passv/ord 


logme 



Encryption - choose WPA/WPA2 encryption type: 

■ AES - data encrypted with AES method; 

■ TKIP - data encrypted with TKIP method; 
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EAP method - choose EAP method: 

■ EAP-TTLS-MSCHAPV2 

■ PEAP/ MSCHAPv2 

Identity - specify the identity of the authentication to the RADIUS server. 

Password - specify the password of the authentication to the RADIUS server. 

Identity and Password on the APC must match the identity and password running on the 
RADIUS server's user list. 


Advanced Wireless Settings 

Advanced parameters allow configuring the device to get the best performance/capacity of the link. 


Advanced 








Tx pov/er (dBm) 


—0= 

20 


Mode 

MIM0 2x2 

-J 

Enable ATPC 

1_1 




Max data rate 



Antenna gain, dBi 

0 




Max data rate N 

[ 300(MCS15) 

-J 

Comply regulations 

i_1 




Disable data rate fallback 

1_1 


Fragmentation 




u 

Short GI 



RTS 




u 

MPDU density 

4 

▼ 

Quality of service (WMM) 

i_1 



ACK timeout 

Distance 


Enable DFS 

; _, 





-- 

= 25.5 

Enable AMSDU 






^ Kilometers 

Miles 


Tx power - set the unit’s transmitting power at which the device will transmit data. The larger the 
distance, the higher transmit power is required. To set transmit power level use the slider or enter the 
value manually. When entering the transmit power value manually, the slider position will change 
according to the entered value. The maximum transmit power level is limited to the allowed value by 
country in which device is operating regulatory agency. 

Enable ATPC - select to enable Automatic Transmit Power Control (ATPC). If enabled, device radio 
will continuously communicate with remote unit’s radio in order to adjust the optimal transmit power 
Automatically. 

Antenna Gain, dBi - displays integrated antenna gain in dBi. This entry field will be editable for the 
connectorized antennas where the custom value of the antenna gain must be specified. 

Comply regulations - if enabled, the APC will automatically adjust radio settings (transmit power and 
DPS) to conform regulatory rules of the selected country. 

Fragmentation - specify the Fragmentation threshold using slider or enter the value manually [256- 
2346 bytes]. This is the maximum size for a packet before data is fragmented into multiple packets. 
Setting the Fragmentation threshold too low may result in poor network performance. Only minor 
modifications of this value are recommended. 

RTS - specify the RTS threshold using slider or enter the value manually [0-2347 bytes]. The RTS 
threshold determines the packet size of a transmission and, through the use of an access point, helps 
control traffic flow. 

Quality of service (WMM) - enable to support quality of service for traffic prioritizing. 

Enable DFS - select to enable radar detection. With enabled DFS, APC unit monitors the operating 
frequency for radar signals. If radar signals are detected on the channel, the APC unit randomly 
selects a different channel. 

Enable AMSDU - enable the AMSDU packet aggregation. If enabled, the maximum size of the 
802.11 MAC frames will be increased. 

Mode - choose the AP antenna operating mode: 


■ SISO - single input single output. The device will use only one antenna for data transfer. The 
antenna will be chosen automatically. 
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- MIMO - multiple input multiple outputs. The device will use two antennas for data transfer (two 
Simultaneous streams). 

Max data rate - choose the maximum data rate in Mbps at which should transmit packets. The APC 
Will attempts to transmit data at the highest data rate set. If there will be an interference encountered, 
The APC will step down to the highest rate that allows data transmission. 

Max data rate N - choose the data rates in Mbps at which should transmit packets for the selected 
802.11 n mode. The APC will attempts to transmit data at the highest data rate set. If there will be an 
Interference encountered, the APC will step down to the highest rate that allows data transmission. 

Disable data rate fallback - when this option is selected, the constant Max data rate will be set 
without a step back to the next highest data rate for APC data transmission. 

Short Gl - enable short guard interval. If selected, then 400ns value will be used, else 800ns. 

MPDU density - define minimum time between PPDU"s. 

ACK timeout - specify the ACK timeout using slider or enter the value manually. Ack timeout can be 
entered by defining the link distance or specifying time value. Too low value of the ACK timeout will 
give very low throughput. A high value may slow down the link in noisy environment. A low value is far 
worse than a value slightly too high. ACK Timeout value should be tuned to the optimal value for the 
maximum link throughput. 


7.2.7 Wireless Mode: iPoll Access Point 

The iPoll wireless mode is designed for point to multipoint wireless solutions. The iPoll Access Point 
establishes a connection only with iPoll Stations thus creating a reliable network 



Basic Settings 

Use Basic section to setup basic operating settings of the iPoll Access Point’s radio. 

iPoll Access Point and IPoll Station will operate in 802.1 In IEEE mode only. 


SSID - specify the SSID of the wireless network device. 

Broadcast SSID - enables or disables the broadcasting of the SSID for AP. 

Channel width - The default channel bandwidth for 802.1 1 n radio is 20MHz. The 802.11 n allow 
channel bonding in such way the total channel width becomes 40MHz. 

Channel - select the channel from the drop-down list or option Auto for auto channel. Automatic 
channel selection allows iPoll Access Point to select a channel which is not used by any other 
wireless device or, if there are no free channels available - to select a channel which is least 
occupied. 

Channel list - select the channels to create a channel list for auto channel. 

GeoDesy Kfl. 

H-1116 Bu dapest, Kon dorfa str. 6-8. 


M5ZEJ4I 

I GroDnv Kit, I 


Telefon: 06-1^81-2050 
Fax.: 06-1^81-2049 
E-mail: mfo@aeodesy.hy 
http://www.geodesy.hu 



































6 member of HORVATH HOLDtNG 


34 



a membef of HORVATH HOLDING 


Security Settings 

Both sides (iPoll Access Point and iPoii Station) of the iink must have the same security 
settings. 


The APC device working, in iPoll Access Point wireless mode, supports authentication/encryption 
methods listed below: 

■ Open - no encryption. 

■ Personal WP A - preshared key encryption with W PA using AES method. 

■ Personal WP A 2 - preshared key encryption with W PA2 using AES method. 

By default there is no encryption enabled on the device: 

Security 

Security I Open ▼ ‘ 


Personal WPA/WPA2 encryption must be specified with the pre-shared key: 


Security 


Security 

Encryption 



Personal WPA2 


Passphrase 


Passphrase - specify the WPA or WPA2 passphrase [8-63 characters]. The passphrase will be 
converted to key format, selected above. 


Advanced Wireless Settings 

Advanced wireless settings allow configuring the APC unit to get the best performance/capacity of the 
link: 


Advanced 


Tx povier (dBm) ^- 

-20 

Mode 

MIMO 2x2 

▼ 

Enable ATPC L_j 


Max data rate 

300 (MCS15) 

▼ 

Antenna gain, dBi 


Tx queue length, frames 

-- 7 j 

. 32 


Comply regulations ^_j 

Enable DFS 


Transmit power - set the unit’s transmitting power at which the device will transmit data. The larger 
the distance, the higher transmit power is required. To set transmit power level use the slider or enter 
the value manually. When entering the transmit power value manually, the slider position will change 
according to the entered value. The maximum transmit power level is limited to the allowed value by 
country in which device is operating regulatory agency. 

Enable ATPC - select to enable Automatic Transmit Power Control (ATPC). If enabled, device radio 
will continuously communicate with remote unit’s radio in order to adjust the optimal transmit power 
Automatically. 

Antenna Gain, dBi - displays integrated antenna gain in dBi. This entry field will be editable for the 
connectorized antennas where the custom value of the antenna gain must be specified. 

Comply regulations - if enabled, the APC will automatically adjust radio settings (transmit power and 
DFS) to conform regulatory rules of the selected country. 
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Enable DFS - select to enable radar detection. With enabled DFS, ARC unit monitors the operating 
frequency for radar signals. If radar signals are detected on the channel, the unit randomly selects a 
different channel. 

Mode - choose the unit’s antenna operating mode: 

■ SISO - single input single output. The device will use only one antenna for data transfer. The 
antenna will be chosen automatically. 

- MIMO - multiple input multiple outputs. The device will use two antennas for data transfer (two 
Simultaneous streams). 

Max data rate - select the device data transmission rates in Mbps from the drop-down list. The ARC 
Will attempt to transmit data at the highest data rate set. If there will be an interference encountered, 
The ARC will step down to the highest rate that allows data transmission. 

Transmit queue length, frames - specify the length in frames of the transmit queue. 

7.2.8 Wireless Mode: iPoll Station 

The iPoll Station is a wireless client mode which can connect to the iRoll Access Roints. 



Basic Settings 

Use this section to setup basic operating settings of the iRoll Station radio. 

iPoll Access Point and iPoll Station will operate in 802.11n IEEE mode only. 


SSID - specify the SSID of the wireless network device manually, or use Scan functionality. 

Scan - click this button to scan for surrounding iRoll Access Roints. Found network SSID"s will be 
Available in drop down menu. 

Channel width - The default channel bandwidth for 802.11 N radio is 20/40MHz. The 802.11 n allow 
channel bonding in such way the total channel width becomes 40MHz. 
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Security Settings 

Both sides (iPoll Access Point and iPoii Station) of the iink must have the same security 
settings. 

The APC device working, in iPoii Station wireiess mode, supports authentication/encryption methods 
listed below: 

■ Open - no encryption. 

■ Personai WP A - preshared key encryption with W PA using AES method. 

■ Personai WP A 2 - preshared key encryption with W PA2 using AES method. 

By defauit there is no encryption enabied on the device: 

Security 

Security Open _▼! 


Personai WPA/WPA2 encryption must be specified with the pre-shared key: 


Security 

1 Personal WPA2 

J 

Passphrase 


Encryption 

1^ AES 

"J 




Passphrase - specify the WPA or WPA2 passphrase [8-63 characters]. The passphrase will be 
converted to key format, selected above. 

Advanced Wireless Settings 

Advanced wireless settings allow configuring the APC unit to get the best performance/capacity of the 
iink: 

Advanced 


Tx pov/er (dBm) ,- 

- 

20 

Mode 

MIMO 2x2 

▼ 

Enable ATPC 



Max data rate 

300(MCS1S) 

▼ 


Antenna gain, dBi Tx queue length, frames ^ Y"-^ 32 

Comply regulations ,_j 

Enable DFS 


Transmit power - set the unit's transmitting power at which the device wiil transmit data. The larger 
the distance, the higher transmit power is required. To set transmit power ievel use the siider or enter 
the vaiue manuaiiy. When entering the transmit power vaiue manuaiiy, the siider position wiii change 
according to the entered value. The maximum transmit power levei is limited to the aiiowed value by 
country in which device is operating regulatory agency. 

Enable ATPC - select to enable Automatic Transmit Power Controi (ATPC). If enabled, device radio 
will continuously communicate with remote unit’s radio in order to adjust the optimal transmit power 
Automatically. 

Antenna Gain, dBi - displays integrated antenna gain in dBi. This entry field will be editable for the 
connectorized antennas where the custom value of the antenna gain must be specified. 

Comply regulations - if enabled, the APC will automatically adjust radio settings (transmit power and 
DFS) to conform regulatory rules of the selected country. 

Enable DFS - select to enable the radar detection. With enabled DFS, APC unit monitors the 
operating frequency for radar signals. If radar signals are detected on the channel, the unit randomly 
selects a different channel. 


GeoDesy Kfl. 

H-1116 Bu dapest, Kon dorfa str. 6-8. 


M5ZEJ4 
I l$£l^1J)fMI1 

I GroDnv Kit, I 


Telefon: 06-1^81-2050 
Fax.: 06-1^81-2049 
E-mail: mfo@aeodesy.hy 
http://www.geodesy.hu 

























GeoDesy 


& member of HORVATH HOLDtNG 


37 



a membef of HORVATH HOLDING 


Mode - choose the unit’s antenna operating mode: 

■ SISO - single input single output. The device will use only one antenna for data transfer. The 
antenna will be chosen automatically. 

- MIMO - multiple input multiple outputs. The device will use two antennas for data transfer (two 
Simultaneous streams). 

Max data rate - select the device data transmission rates in Mbps from the drop-down list. The APC 
Will attempt to transmit data at the highest data rate set. If there will be an interference encountered, 
The APC will step down to the highest rate that allows data transmission. 

Transmit queue length, frames - specify the length in frames of the transmit queue. 


7.2.9 Virtual AP 

Virtual AP functionality is available only in Access Point (auto WDS) wireless mode. 


Use the Configuration | Virtual AP page to configure to create up to 3 additional Virtual AP 
interfaces. The Virtual AP defines a logical wireless network, and the APC can be configured to 
provide additional 3 wireless networks on each device radio. All the VAPs may be active at the same 
time meaning that client devices can associate to the APC using any of the VAP SSID. 


The Virtual AP table displays a summary of all virtual radio interfaces running on the APC: 


virtual AP list 


SSID 

Security 

VAPl 

Open 

VAP2 

Personal WPA TKIP 


l_UL_J 

To create a new Virtual AP, click on 
and specify required parameters: 

+ button to add new entry on the VAP table, then select this entry 


Virtual AP edit 





SSID 

VAP2 


Quality of service (WMM) 


Broadcast SSID 



Client isolation 


Security 

1 Personal WPA 

▼ 

Passphrase 

******** 

Encryption 

1 TKIP 

▼ 




SSID - specify the unique name for the VAP [string]. 

Broadcast SSID - when this option is selected the particular SSID is visible during network scans on 
a wireless station. When unselected, the VAP SSID is not visible and not broadcasted to wireless 
stations. 

Quality of service (WMM) - enable to support quality of service for prioritizing traffic. 

User isolation - enable the user Layer 2 isolation. The Layer 2 isolation blocks the wireless clients 
from communicating with each other. 

Each VAP security is configured by default as an “open system”, which broadcasts a beacon signal 
Including the configured SSID. For more secure network choose one of the security mechanisms for 
Each VAP interface. 
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Security - choose the wireless security and encryption method from the drop-down list (for detailed 
security configuration, refer to the respective section Access Point (auto WDS) Security Settings) . 

■ Open - no encryption. 

■ WEP - 64bit and 128bit key. 

■ Personal - preshared key encryption with WPA/WPA2 using AES or TKIP. 

■ Enterprise - RADIUS server based authentication with WPA/WPA2 encryption using AES or 
TKIP (requires configured RADIUS server). 

■ UAM - Web browser based user authentication method. UAM authentication is available only if 
Access Point is working in router mode. For UAM configuration details refer at the respective 
chapter Universai Access Method (UAM). 

Wireless clients must be able to process the WPA or WPA2 information element and 
respond with a specific security configuration. 


7.2.10 Wireless ACL 

Wireless ACL is active only in Access Point (auto WDS) and iPoll Access Point wireless mode. 


Access Control provides the ability to limit associations wirelessly based on MAC address to an AP by 
creating an Access Control List (ACL). 


Interface raO 

Policy Allow MAC in the list _ ▼ J 

MAC Name 

00:90:45:5c:cle:7b friendl 

00;90;e6:55:81;ca friend2 


^i_) 


Policy - define the policy: 

■ Open - no rules applied 

■ Allow MAC in the list - only listed MAC clients can connect to the AP (white list). 

■ Deny MAC in the list - only listed MAC clients can NOT connect to the AP (black list). 

To add new rule, press the “+” button. 

To remove the rule, first select the rule then press the button. 

To edit the rule double click on the field. 

7.2.11 Traffic Shaping 

Use Traffic Shaping to control download or upload bandwidth in order to optimize or guarantee 
performance. There are two methods to control network traffic: 

■ Limit all traffic - limits overall APC upload and download traffic. 

■ Limit per IP traffic - limits upload and download traffic for a specified IP addresses. 


M5ZEJ4I 

I GroDnv Kit, I 


Telefon: 06-1^81-2050 
Fax.: 06-1^81-2049 
E-mail: mfo@aeodesy.hy 
http://www.geodesy.hu 


GeoDesy Kft. 

H-1116 By dapest, Kondorfa str. 6-8. 

















GeoDesy 


GeoDesy 


& member of HORVATH HOLDING 


39 





a membef of HORVAth HOLDING 


Traffic shaping mode | 

Limit all traffic tJ 



All traffic limitation 





[yj Enable dovmload shaping 


1 V'l Enable upload shaping 

□ ovfliload limitr kbps 

5L2 

Upload limit, kbps 

512 

□ ovjnload burst, kbytes 


Upload burst, kbydies 





Limit all traffic 

Enable download shaping - select to enable limitation of the download traffic. 

Download limit, kbps - specify the maximum download (from wireless interface to Ethernet 
interface) bandwidth value in Kbps. 

Download burst, kbytes - specify the download burst size in kbytes. 

Enable upload shaping - select to enable limitation of the upload traffic. 

Upload limit, kbps - specify the maximum upload (from Ethernet interface to wireless interface) 
bandwidth value in Kbps. 

Upload burst, kbytes - specify the upload burst size in kbytes 

Limit per IP traffic 

Use + button to create new traffic limitation rules 

P«r-IP traffic IlmitatiDn 

IP address DOWN rat^^ kbps DOWN bursty kbytes UP rate^ kbps UP bursty kbytes 

192.177.32.9 512 lOO 512 100 


IP address - specify IP address for which the traffic will be limited. 

Down rate, kbps - specify the maximum download (from wireless interface to Ethernet interface) 
bandwidth value in Kbps. 

Down burst, kbytes - specify the download burst size in kbytes. 

UP rate, kbps - specify the maximum upload (from Ethernet interface to wireless interface) 
bandwidth value in Kbps. 

UP burst, kbytes - specify the download burst size in kbytes 


7.2.12 Port Forwarding 

Port forwarding is active only in Router network mode.. 


Port Forwarding, UPnP and DMZ is effective only if NAT is enabled. 


The Port forwarding section gives the ability to pass traffic behind an interface that has NAT 
Enabled. For instance if the unit is in router mode with NAT enabled on the WAN interface, no devices 
on the outside of the WAN interface can see any private IPs on the LAN side of the unit. By using port 
forwarding or DMZ it is possible to pass traffic through to these private IP addresses. 
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I_I Enable UPnP 

|_J Enable DMZ IP address 


Port forwarding settings 




Public port 

Private host 

Private port 

Protocol 

SOSO 

192.iGS.L00.3 

2000 

TCP 

SOSO 

79.LS9.49.iO 

7S 

TCP 




Enable UPnP - select to enable UPnP (Universal Plug and Play connectivity) service. The UPnP 
enables APC communicate with other network devices automatically opening required ports, without 
manual intervention. 

Enable DMZ - select to enable DMZ. DMZ opens all TCP/UDP ports to particular IP address. It allows 
setting up servers behind the APC. The feature is used commonly for setting up VoIP or Multi- Media 
servers. 

Public port - specify the port that will be accessed externally using the public IP address. 

Private host - specify the IP address behind NAT that public traffic will get forwarded to. 

Private port - specify the listening port on private computer behind NAT. 

Protocol - select type of forwarding traffic: TCP or UDP. 


7.2.13 Static Routes 

Static routes is active oniy in Router network mode. 


A routing rule is defined by the destination subnet (Destination IP address and netmask), interface 
and/or gateway where to route the target traffic. A data packet that is directed to the destination 
Network is routed to the specified router's interface or to another gateway router. To add a new static 


Route, specify the 

parameters: 

following 



Static routes settings 




Destination IP 

Netmask 

Gatev^y 

Interface 

192.168.3.111 

255.255.255.255 

0.0.0.0 

raO (Wireless) 

1 + Ji - J 


Destination IP - specify the destination IP address. 

Netmask - specify destination netmask. 

Gateway - specify the gateway address for the route. 0.0.0.0 Stands for the default gateway of the 
selected interface. 

Interface - select interface for the route. 

7.3 Services 
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7.3.1 WNMS 

Wireless Network Management System (WNMS) is a centralized monitoring and management system 
for wireless network devices. The communication between managed devices and the WNMS server is 
always initiated by WNMS client service running on every device. 

Wireless Netviork Management System (WNMS) 

Enable WNMS agent 
Server/Collector URL http:// 


Enable WNMS agent - select to enable WNMS agent. 

Server/Collector URL - specify the URL of the WMS server to which that heartbeat notifications will 
be sent to. 


7.3.2 System alerts 

The device is able to send external alerts when there are system errors. The alerts can be sent via 
SNMP Traps or/and SMTP notifications. 


System alerts 


System check interval, s ^ - 

SNMP 

SMTP 

10 

Alert description 

u 

u 

Wireless link status change 

u 

u 

Ethernet link status change 

u 

u 

RSSI level low than 

u 

u 

Noise level greater than, dB 

u 

u 

RX drop greater than, % 

u 

u 

TX retry greater than, % 

u 

u 

Device reboot 


iy 


xs- 


ty 


25 


-60 


6 


9 


Enable alerts - select to enable alert notifications on the system. 

System check interval, s - specify interval in seconds at which the device will send notifications of 
unexpected system behavior. 

System alerts: 

Wireless link status change - system will send notification on Wireless link status change. 

Ethernet link status change - system will send notification on Ethernet link status change. 

RSSI level lower than - system will send notification when RSSI reach value lower than specified. 
Default: 25 

Noise level greater than - system will send notification when signal noise will reach value greater 
than specified. Default: -60 dBm. 

RX drop greater than - system will send notification when percent of RX dropped packets become 
higher than specified value. Default: 250 packets per seconds. 

TX retry greater than - system will send notification when percent of TX retries becomes higher than 
specified value. Default: 250 packets per seconds. 

Device reboot - system will send notification about unexpected or administrator initiated device 
reboot. 
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SNMP traps settings 

Manager address 
Manager port 
Trap community 

i^l Use inform 

Retry count c- 7 - 

Retry timeout ^ - 



192.168.3.173 


162 


public 


SMTP settings 

Server address 
Server port 
Source e-mail address 
Destination e-mail address 
E-mail notification interval, s 


182.253.9.100 


25 


AP@alerts.com 


admin@admln.com 


SNMP Traps Settings 

Manager address - specify the IP address or hostname of SNMP Trap receiver. 

Manager port - specify the port number of the Trap receiver. Default port number is 162. 

Trap community - specify the SNMP community string. This community string acts as password 
between SNMP manager and device by default Trap community string is "public". 

Use informs - select to wait for an acknowledgment from SNMP manager that trap was received. 
Retry count - specifies maximum number of times to resend an inform request [1 -10]. Default: 5. 

Retry timeout - specifies number in seconds to wait for an acknowledgment before resending 
request [1 -1 Oj. Default: 1. 


SMTP Settings 

Server address - specify the IP address or hostname of the networked SMTP server. 

Server port - specify the SMTP Port Number is the port number used by the networked SMTP 
server. By default the port number is 25. 

Source e-maii address - specify the e-mail address that will be used by the device. 

Destination e-mail address - specify the e-mail address where the device will send the alert 
messages. 

E- Mail notification interval - specify interval in seconds at which the e-mail notification will be 
sent from the device [0-86400]. If 0 specified, then device will send an e-mail notification immediately 
after unexpected system behavior. 


7.3.3 SNMP 

SNMP is the standard protocol that is widely used for remote network management over the Internet. 
With the SNMP service enabled, the device will act as SNMP agent. 
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I Apply j ^ Discard j ^ Save & Apply j Logout 

Status Configuration Services System Tools 

WNMS System alerts SNMP , Clock/NTP SSH HTTP 

Simple Network Management Protocol (SNMP) 

1^1 Enable SNMP 
Friendly name Device name 
Link location 
Contact information 

SNMP vl/v2c 

R/O community public 

SNMP v3 

R/O user 

R/O user passvAbrd 


public 


passv/ord 


Device location 


contact 


Enable SNMP - specify the SNMP service status. 

Friendly name - displays name of the APC that will be used to identify the unit. This name has the 
same value as Friendly name in the Device settings. 

Link location - displays the physical location of the device. This name has the same value as Device 
location in the Device settings. 

Contact information - specify the identification of the contact person for this managed device, 
together with information on how to contact this person. 

R/O community - specify the read-only community name for SNMP version 1 and version 2c. The 
read-only community allows a manager to read values, but denies any attempt to change values. 

R/O user - specify the user name for read-only SNMPvS access. The read-only community allows a 
manager to read values, but denies any attempt to change values. 

R/O user password - specify the password for read-only SNMPvS access [string]. 


7.3.4 Clock/NTP 

Use this section to manage the system time and date on the device automatically, using the Network 
Time Protocol (NTP), or manually, by setting the time and date on the device. 

The NTP (Network Time Protocol) client synchronizes the clock of the device with the defined time 
server. Choose NTP from the configuration menu, select your location time zone and enter NTP 
server in order to use the NTP service. 



Configuration - choose the system clock configuration mode [NTP/Manualj. 

Time zone - select the time zone. Time zone should be specified as a difference between local 
time and GMT time. 

Save iast known time - select to recall the timestamp that was saved on last reboot. When NTP is 
enabled, this option will set system clock to last reboot time if no NTP servers are available. 
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NTP server - specify the trusted NTP server IP or hostname for synchronizing time with [IP address]. 

To adjust the clock settings manually, choose the configuration mode as Manual and specify the 
following settings: 

System date 

Configuration Manual _ Date (HH/DD/YYYY) 01/01/2010 

Time zone ^ GMT _ Time (hh:mm) 00:00 

I_I Save last known time 

Configuration - choose the system clock configuration mode [NTP/Manualj. 

Time zone - select the time zone. Time zone should be specified as a difference between local 
time and GMT time. 

Save iast known time - select to recall the timestamp that was saved on last reboot. 

Date - specify the new date value in format MM/DD/YYYY 

Time - specify the time in format hh:mm. 


7.3.5 SSH 

Use this menu to manage access to the device via SSH port: 





Apply 

1 Discard I I Save & Apply 1 

Logout j 

Status Configuration 

Services 

System Tools 






WNMS 1 

System alerts ^ SNMP ^ 

, Clock/NTP 

SSH 1 

1 HTTP 

1 y 


SSH settings 







\^\ Enabled 







Port 22 








Enabled - enable or disable SSH access to device. 

Port - the SSH service port. By default SSH port is 22. 

7.3.6 HTTP 

Use this menu to control HTTP connection on device web management: 

I App^ j ^ Discard j ^ Save & Appiy j ^ Logout j 

Status Configuration Services System Tools 

^ WNMS [ System alerts [ SNMP | Clock/NTP | SSH HTTP 

HTTP settings 

1^1 Enable management trough HTTP 
Port 80 Note: the HTTPS is alv/ays enabled. 


Enabie management through HTTP - select tis option to enable or disable HTTP access to the 
device management. 

Port - specify HTTP port. Standard HTTP port is 80. 

HTTPS connection via the standard port 8080 is aiways enabied. 
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7.4 System 

7.4.1 Administration 

For security reasons it is recommended to change the defauit administrator username and 
password as soon as possibie. 


System menu allows you to manage main system settings and perform main system actions (reboot, 
restore configuration, etc.). The section is divided into further three sections: Device settings. Account 
settings and system functions. 


Apply Discard Save & Apply Logout 

Status Configuration Services System Tools 

Administration i Log i LED i Firmware upgrade 


Device settings Account settings 


Friendly name Device name Username admin 


Device location Device location Old passv/ord 


Latitude 0.0 New passv/ord 


Longitude 0.0 Verify passv/ord 

I Change password I Clear 


System functions 

Reboot device 
Reset to factory defaults 
Dov^load troubleshooting file 


I Reboot 


Reset 


I Download 


Backup configuration file 
Restore configuration from file 


Backup j 



Device settings 

Friendly name - specify name of the ARC that will be used to identify the unit. 

Device location - describe the location of the device [maximum 255 ASCII characters]. 

Longitude - specify the longitude coordinates of the device [specific decimal format, e.q. 54.869446]. 

Latitude - specify the latitude coordinates of the device [specific decimal format, e.q. 23.891058]. Both 
coordinates helps indicate accurate location of the device. 


Account settings 

The Administrative Account menu is for changing the administrator’s password. 

Default administrator logon settings are: 

Username: admin 
Password: adminOt 

Username - change the administrator's username. 

Old password - enter the old administrator password. 

New password - enter the new administrator password for user authentication. 
Verify password - re-enter the new password to verify its accuracy. 


The only way to gain access to the web management if you forget the administrator 
password is to reset the unit to factory default settings. 
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System functions 

Reboot device - reboot device with the last saved configuration. 

Reset device to factory defauits - click to restore unit's factory configuration. 

Resetting the device is an irreversibie process. Current configuration and the administrator 
password wili be set back to the factory defauit. 


Downioad troubieshooting fiie - click to download the troubleshooting file. The troubleshooting file 
contains valuable information about device configuration, routes, log files, command outputs, etc. 
When using the troubleshooting file, the device quickly gathers troubleshooting information 
automatically, rather than requiring you to gather each piece of information manually. This is helpful 
for submitting problems to the support team. 

Backup configuration fiie - click to save the current configuration file. The saved configuration file is 
useful to restore a configuration in case of a device misconfiguration or to upload a standard 
configuration to multiple devices without the need to manually configure each device through the web 
interface. 

Restore configuration from fiie - click to upload an existing configuration file to the device. 


7.4.2 Log 

Use the log tab to configure device to view or save log messages to the local or remote server using 
standard syslog facility: 


Apply I I Discard I | Save & Apply 


Logout 


Status Configuration Services System Tools 

Administration Log LED Firmware upgrade 

System log 

View system log View 


Message level I Information 


1^1 Syslog forv/ard 
Forv^rd level I Information 


Forv^rd server address 192.67.118.24 


Forv/ard port 514 

j_I Forv^rd backup 


View system iog - click to view current trace messages. The system log viewer utility provides debug 
information about the system services and protocols. If the device's malfunction occurs recorded 
messages can help operators to locate misconfiguration and system errors. 

Message level - specify system's message tracing level. The level determines the importance of the 
message and the volume of messages generated by the device. The levels are in increased 
importance order [emergency, alert, critical, error, warning, notice, information, debug]. Default: info. 


The device can be configured to send system log messages to a remote server: 

Syslog forward - select to enable remote system logging. 

Forward server - specify the remote host IP address or hostname where syslog messages will be 
sent. 

Forward port - specify the port to which syslog messages will be forwarded [0-65535]. Default: 514. 

Forward message level - specify the level of the message which will be sent to the remote syslog 
server. The level determines the importance of the message and the volume of messages generated 
by the device. The levels are in order of increasing importance 
[emergency/alert/critical/error/warning/notice/information/debug]. Default: information. 
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Forward backup - select to enable remote syslog logging backup. 

Backup server - specify the backup host IP address or hostname where syslog messages will be 
send to. 

Backup port - specify the port to which syslog messages will be forwarded [0-65535]. Default: 514. 


7.4.3 LED Control 

The APC is equipped with 6 LEDs: power, LAN and 4 RSSI LEDs that indicates the signal strength of 
current connection. The signal level is classified into 4 levels, thus corresponding 4 LEDs switches on 
as soon as indicated threshold is reached. 



Apply j Discard j 

^ Save & Apply j 

1 Logout j 

Status Configuration 

Services System Tools 




Administration | Log LED Firmware upgrade 



LED 

1^1 Enable 




LEDl LED2 LEDS LED4 



RSSI thresholds 

10 25 35 50 




NOTE: RSSI = signal - noise, e.g. -32 dBm -(-87 dBm) = 55 



LAN LED 

jV^i Enable 



Power LED 

1^1 Enable 




Enable - select to enable LEDs on the device. If this option is not selected, then no LED activity will 
be visible on the device. 

RSSI thresholds - specify the RSSI threshold at which corresponding LED will switch on. 

The Signal LEDs are working only when the connection Is established. Therefore, please make 
sure all wireless settings are correct and the connection Is established. 


LAN LED - select to enable LAN LED. The red LED will be blinking on LAN activity, off - no LAN 
connection. 

Power LED - select to enable Power LED. The steady red LED when power is on, off - no power. 


7.4.4 Firmware Upgrade 

To update your device firmware use the System | Firmware upgrade menu. Press Upload 
firmware, select the firmware file and click the Upload button: 

Rrmwar^ upgrade 

Current version FWBD-0100.v5.53.31015 

I Upload Firmware j 

I 0 ^ I 


Current version - displays version of the current firmware. 

Upload firmware - click the button to select the new firmware image for uploading it to the device. 

The device system firmware upgrade is compatible with all configuration settings. When the device is 
Upgraded with a newer version or the same version builds, all the system's configuration will be 
Preserved after the upgrade. 

The new firmware image is uploaded to the controller’s temporary memory. It is necessary to save the 
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Firmware into the device permanent memory. Click the Upgrade button: 

Firmware uf>grad« 

Currant varsion FWBO*0100.vS.53.31015 

Uploadad varsion FWBD'OlOO.vS.77.31063 
Upgrada ^ j Cancal j 




Upgrade - upgrade device with the uploaded image and reboot the system. 

Do not switch off and do not disconnect the device from the power suppiy during the 
firmware upgrade process as the device couid be damaged. 
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7.5 Tools 


7.5.1 Antenna Alignment 


The Antenna Alignment tool measures signal quality between the Station and AP. For best resuits 
during the antenna alignment test, turn off all wireless networking devices within range of the device 
except the device(s) with which you are trying to aiign the antenna. Watch the constantly updated 
display in the Aiignment Test window as you adjust the antenna. 


Apply Discard | ^ Save & Apply J Logout 

Status Configuration Services System Tools 


Antenna alignment j Site survey , Delayed reboot Ping Traceroute Spectrum analyzer 



Start - press this button to start antenna aiignment. 

Stop - press this button to stop antenna aiignment. 

Average - if this option selected, the graph will display the average RSSI of both antennas. 


7.5.2 Site Survey 

The Site Survey tooi shows overview information for wireiess networks in a iocai geographic area. 
Using this test, an administrator can scan for working access points, check their operating channels, 
encryption and see signal/noise levels. 

To perform the Site Survey test currently, click the Start scan: 





[ Apply 

j 1 Discard 

j Save & Apply 

1 Logout j 

Status Configuration 

Services System 

Tools 






1 Antenna alignment Site survey 

Delayed reboot Ping 

Traceroute 

Spectrum analyze 

T 

1 Start scan j 






•*- 

Note: initiating scan will temporary disable wireless link(s). 





MAC address 

SSID 

Security 

Signal, dBm 

Noise, dBm 

Channel 

Mode 

00:19:3b:81:9a:0e 

MODES 

Open 

-55 

-95 

36 (5180 MHz) 

A/N mixed 

02:19:3b:81:9a:0e 

MODESl 

Open 

-55 

-95 

36 (5180 MHz) 

A/N mixed 

06:19:3b:81:9a:0e 

MODES2 

Open 

-55 

-95 

36 (5180 MHz) 

A/N mixed 

0a:19:3b:81:9a:0e 

MODES3 

Open 

-55 

-95 

36 (5180 MHz) 

A/N mixed 

00:19:3b:80:19:8d 

PTP Open 

Open 

-57 

-95 

36 (5180 MHz) 


00:0c:43;28:80:a3 

APC-5G -Test 

WPA2PSK/... 

-49 

-95 

44 (5220 MHz) 

A/N mixed 1= || 

00:0c:43:28:80:a7 

APC-5G 

WPA2PSK/... 

-63 

-95 

48 (5240 MHz) 

A/N mixed 

00:19:3b:80:19:b7 

PTP 5 

Open 

-39 

-95 

60 (5300 MHz) 

j 

00:19:3b:80:19:8c 

APC 

Open 

-55 

-95 

108 (5540 MHz) 

A/N mixed 

00:19:3b:fc:lb:08 

APC2 

Open 

-58 

-95 

132 (5660 MHz) 

iPoll 

00:19:3b:81:9b:ca 

PTP 4 

Open 

-55 

-95 

149 (5745 MHz) 


00:0c:43:28:60:3c 

APC 

Open 

-58 

-95 

157 (5785 MHz) 

iPoll 

Last updatcKi before 0:00:10 
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Last updated before - displays when the last scan was 
performed. 

The results of the Site Survey test are converted to handy two graphs: AP count and RSSI. An 
administrator can use this to identify the best channel for device operation that will not receive 
interference from adjacent APs. 


€0 



5180 5220 5260 5300 5500 5540 5580 5680 5745 5785 5825 


7.5.3 Delayed Reboot 

This tool is extremely useful while tuning radio settings - once you defined hypothetic radio 
parameters and set them with Apply button (not written to the permanent memory), device starts 
Operating with the new settings, and in case the link fails, device will be rebooted in specified minutes, 
thus the old settings will be set back. 

Dn-e tlm« d-elay«d reboot 


[ start ] itc 

Reboot after js |-^ minutes 


Reboot after - specify time in minutes, after which the device will be rebooted. 

Start/Stop - click to start or stop delayed reboot tool. 

7.5.4 Ping 

This command is used to test whether a particular host is reachable across an IP network. The Ping 
results will be displayed graphically: 
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Ip address or Host name | 192.1GB.3.152 
Packet size 64 
I '^tarL f ng Stop ping 


l.G 


1.4 



P O.G 


0.4 


0.2 


0 


0 % loss 
ttl 64 

Min: 0.927 ms 
Avgi I.OIS ms 
Max: 1.590 ms 


IP address or Host name - specify the destination IP address or Host name. 
Packet size - specify the packet size. 


7.5.5 Trace route 


This tool is a route-tracing utility used to determine the path that an IP packet has taken to reach a 
destination. This is useful when trying to find out why destination is unreachable, as you will be able to 
see where the connection fails. 


Destination IP or Hostname 
Max Hops 


www.cnn.com 


15 


i j 



Hop 

IP address 

DNS 

Avg 

Min 

Max 

Chart 

1 

192.168.100.152 

192.168.100.152 

2.811 

2.429 

3.358 

2.811 ms 

2 

192.168.100.1 

192.168.100.1 

2.806 

2.521 

2.975 

2.806 ms 

3 

85.255.63.158 

85-255-63-158.ip.kis.lt 

6.773 

5.428 

8.996 

f 6.773 ms 

4 

193.189.86.1 

sr0-2.kis.lt 

13.789 

3.255 

31.157 

P 13.789 ms 

5 

193.189.86.138 

sr0.kls.lt 

23.085 

4.592 

42.316 

^ 23.085 ms 

6 

213.190.41.149 

213-190-41-149.static.telecom.lt 

38.658 

23.456 

47.746 

^^^^8.658 ms 

7 

213.248.90.253 

v/a r-b2-llnk.telia.net 

41.236 

25.86 

59.496 

F2h. 236 ms 

8 

80.91.245.248 

ffm-bb2-link.telia.net 

55.347 

32.65 

66.775 

^^5^.347 ms 

9 

80.91.247,169 

ffm-b2-link.telia.net 

70.307 

63.888 

80.159 

r ^ 7O.S07 ms 

10 

66.185.149.249 

dar2-frr-g5-0-9.atdn.net 

74.949 

66.532 

84.451 

1 74.9fl9 ms 

11 

66.185.152,146 

bbl-nev/-xe-0-2-0.atdn.net 

152.839 

140.589 

168.938 

1 152.839 ms^^ 

12 

66.185.152.162 

bbl-ash-pl3-0.atdn.net 

136.928 

131.186 

144.576 

1 136.928 ms' 


Destination IP or Hostname - specify hostname or IP address of the target host. 
Max Hops -Specifies the maximum number of hops to search for target. 
Start/Stop - click to start or stop traceroute tool. 
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7.5.6 Spectrum Analyser 

The Spectrum analyzer test displays detailed information about signal level of each APC unit's 
Antenna on each available frequency. This enables administrator choose the best available 
Frequency/channel for the unit operation. The frequency list depends on the Country at which the unit 
is operating, and chosen channel width. 

Do not use the Spectrum analyzer on the remote unit of the link, as the connection to the device will 
be lost during the test. 


Click Start button to perform the test: 


I Apply J ^ Discard j | Save & Apply j ^ Logout 

Status Configuration Services System Tools 

Antenna alignment Site survey DelaycKJ reboot Ping Traceroute Spectrum analyzer 


Note: do not use the Spectrum analyzer on the remote unit of the link, as the connection to the device vflil be 
lost during the test. 



Operating frequency range Maximum Current || Average 


£ -30 

CO 



5170 5195 5220 5245 5265 5290 5315 5495 5520 5545 5570 5595 5665 5690 5735 5760 5785 5810 5835 


Operating frequency range - displays the channel frequency range at which the APC unit is 
operating currently. 

Maximum - color indicates the maximum achieved signal level on the appropriate frequency. 
Current - color indicates the current signal level on the appropriate frequency. 

Average - indicates average of the signal level on the appropriate frequency. 


Universal Access Method (UAM) is a simple Web browser based user authentication method. On 
Initial HTTP request to any Web site, client’s browser is redirected to the authentication page for login 
To the network. The login page can be served by internal Web server or by external Web Application 
Server. 
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8.1 DAM Overview 

When using internal UAM, the Login page is the first page a client receives when he starts his Web 
browser and enters any URL. To get access to the network, the user should enter his authentication 
settings: login name and password and click the login button: 


My Hots pot 


Welcome to my HotSpot! 

You can use the Internet, but have to login first. 
You must also agree to these terms and conditions . 


Username 


Password | 


Login & Accept Terms 


The GD-GEO20 could be shared by several Wireless Internet Service Providers (WISP). They 
are uniquely identified by specifying WISP domain name in addition to subscriber user name 
when logging in. APC can be configured to send authentication and accounting information to 
different 

Authentication, Authorization, and Accounting (AAA) servers associated with different WISP domains. 

Subscriber’s login format: 

• username 


8.2 UAM Configuration 

UAM authentication is available on radio interfaces (including VAPs) only if GD-GEO20 is 
working as router in Access Point (auto WDS) wireless mode. 


The APC allows user authentication through external or internal Web portal. This authentication 
method is called UAM. User provides login credentials and then Web portal attempts to authenticate 
and authorize the client using the provided information. Client will not send any authentication 
requests directly to the APC, the Web portal will do this. On success, APC will allow access to the 
Internet; otherwise Web portal will display failure notice. 
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Use Security section on Wireiess or VAP (depending on the interface on which the UAM wiii be 
configured) page for UAM configuration: choose the security option UAM: 


Security 


Security 

RADIUS settings 
NAS ID 
RADIUS server 1 
RADIUS server 2 
RADIUS secret 
RADIUS Auth port 
RADIUS Acct port 
RADIUS WEB page type 


[ UAM _^ 


nas 


192.168.2.182 



Interface IP address 192.168.20.66 

DHCP server settings 


Netv^rk 192.168.20.0 


Subnet mask 255.255.255.0 


DNS server 1 192.168.20.66 


DNS server 2 


WISPr Location name 

WISPr Location ID 
Operator name 
Netv/ork name 
ISO country code 
E.164 country code 
E.164 area code 


WISPr default max bandwidth 

Dovfliload, kbps 
Upload, kbps 


Data encryption settings 

Security | Personal WPA2 

Encryption ^ TKIP _ 

Passphrase 




RADIUS Settings 

NAS ID - specify the NAS identifier. 

RADIUS server 1 - specify the name or iP address of the primary RADIUS server. 

RADIUS server 2 - specify the name or IP address of the secondary RADIUS server. 

RADIUS Secret - specify the RADIUS shared secret. 

RADIUS authentication port - specify the UDP port number to use for radius authentication 
requests, defauit 1812 

RADIUS accounting port - specify the UDP port number to use for radius accounting requests, 
defauit 1813 

RADIUS WEB page type - choose the authentication Web portai type: 

■ Internal - use the buiit in authentication Web page. If selected, then when a user’s first tries to 
access the internet, they wiii be biocked, and re-directed to the buiit-in iogin page. The iogon data 
will be sent to the Radius Server for authentication. 

- External - specify the external authentication Web page URL and settings. If selected, then when 
A user first tries to access the Internet; they will be blocked, and re-directed to the URL specified 
beiow. 

■ Custom internal - upioad a customized internai page. 

Use HTTPS - enabie to use the HTTPS protocoi for connection and authentication. 

■ Key - upioad a PEM formatted private key fiie. 

■ Certificate - upload a PEM formatted certificate file. 
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WISPr Settings 

WISPr location name - specify the W ISPr location name. 

Operator name - specify the operator"s name 

Network name - specify the network name 

ISO country code - specify the country code in ISO standard. 

E.164 country code - specify the country code in E.164 standard. 

E.164 area code - specify the area code in E.164 standard. 

WISPr default max bandwidth - specify the default bandwidth limitation for clients. Note that if the 
External RADIUS server has traffic limitations preconfigured, and then RADIUS overrides these settings. 

Download, kbps - specify max download bandwidth in kbps. 

Upload, kbps - specify the max upload bandwidth in kbps. 

Interface IP address - specify the LAN interface IP address. Note that LAN settings on Network 
Menu will be disabled if UAM is enabled. 

DHCP settings - specify the dynamic IP settings for the connected users: 

Network - specify the network for IP address pool. 

Subnet mask - specify the subnet mask for the DHCP. 

DNS server - specify the primary and the secondary DNS servers. 

Data encryption settings - choose the data encryption method: 

■ Open - no encryption. 

■ Personal WP A - preshared key encryption with W PA using AES method. 

■ Personal WP A 2 - preshared key encryption with W PA2 using AES method. 


8.2.1 White/Black List 

The white and black access lists control user access to Web content through the APC. The 
unauthenticated users will be allowed to access sites from white list while access to the sites from black 
list will be denied even for authenticated users. 


white/Black list 




White list 


Black list 


Host/IP address 

Notes 

Host/IP address 

Notes 

188.213.65.22 

homepage 



[ + Ji - 1 


1 + 1 . - 1 



Use “+” sign to add new entry to the list, and sign to remove required one. 

White list 

Host/IP address - specify the IP addresses or hosts for free access even for unauthenticated users. 
Notes - add a description for the specified host or IP address. 

Black list 

Host/IP address - specify the IP addresses or hosts that will be not accessible even for the 
authenticated users. 

Notes - a description for the specified host or IP address. 
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9 Appendix 

9.1 Resetting Device to Factory Defaults 

Device has the capability of being reset to defaults by pinging the device with a certain packet size when the 
radio is booting. During the startup of the device, when the drivers of the Ethernet interfaces are loaded, the 
discovery daemon is started. The daemon suspends startup process for 3 seconds and waits for ICMP 
"echo request" packet of length 369 bytes. If the packet received, the discovery resets the device to 
default configuration. 

It is recommended to connect PC to the device via switch, as depending on PC OS settings, the 
ARP table might be fiushed during wired iink status change (connecting the device that wiii be 
reset). 

Steps to reset to default settings: 

Step 1 . Power off the APC device. 


Step 2. Obtain the device MAC address. 

Step 3. Connect a PC to the same physical subnet as the device. 

Step 4. Execute 'arp -s' command to assign the IP address (IP address should be from the same 

subnet as PC) to the device MAC address: 

arp -s <IP address to assign> <device MAC address> 

Note that syntax of MAC address differs depending on OS: 

■ Linux OS: AA:BB:CC:DD:EE:FF 

■ Windows OS: AA-BB-CC-DD-EE-FF 


Step 5. Start ping the device: 

For Linux users: ping <IP address> -s 369 

For Windows users: ping <IP address> -I 369 -t -w 0.2 


Step 6. Power up APC device and wait about 30sec or more (depending on device hardware). 

Step 7. Stop pinging the device, and let the device boot as usual. The device should start up with 

factory default settings. 
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9.2 RADIUS Attributes 

The following RADIUS attributes and messages are supported by the GD-GEO20. 


9.2.1 General Attributes 


Attribute 

Description 

User-name (1) 

Full username as entered by the user. 

User-Password (2) 

Used for DAM as alternative to CHAP-Password and CHAP-Chalienge. 

CHAP-Password (3) 

Used for UAM CHAP Authentication 

CHAP-Chailenge (60) 

Used for UAM CHAP Authentication 

EAP-Message (79) 

Used for W PA Authentication 

NAS-IP-Address (4) 

IP address of Chiili (set by the nasip or radiuslisten option, and 
otherwise "O.O.O.O") 

Service-T ype (6) 

Set to Login (1) for normal authentication requests. The Access-Accept 
message from the 

Radius server for configuration management messages must also 
be set to Administrative-User. 

Framed-IP-Address (8) 

IP address of the user, which is configurabie during MAC 
authentication in the Access-Accept. 

Fiiter-ID(11) 

Fiiter ID pass on to scripts possibly. 

Reply-Message (18) 

Reason of reject if present. 

State (24) 

Sent to chilli in Access-Accept or Access-Chaiienge. Used 
transparentiy in subsequent Access-Request. 

Class (25) 

Copied transparently by chilli from Access-Accept to Accounting- 
Request. 

Session-Timeout (27) 

Logout once session timeout is reached (seconds) 

Idle-Timeout (28) 

Logout once idie timeout is reached (seconds) 

aiied-Station-iD (30) 

Set to the nasmac option or the MAC address of chilii. 

Caliing-Station-iD (31) 

MAC address of client 

NAS-ldentifier (32) 

Set to radiusnasid option if present. 

Acct-Status-T ype (40) 

1=Start, 2=Stop, 3=1 nterim-Update 

Acct-Input-Octets (42) 

Number of octets received from client. 

Acct-Output-Octets (43) 

Number of octets transmitted to client. 

Acct-Session-ID (44) 

Unique ID to link Access-Request and Accounting-Request messages. 

Acct-Session-Time (46) 

Session duration in seconds. 

Acct-Input-Packets (47) 

Number of packets received from client. 

Acct-Output-Packets (48) 

Number of packets transmitted to client. 

Acct-Terminate-Cause (49) 

1=User-Request, 2=Lost-Carrier, 4=idle-Timeout, 5=Session-Timeout, 
11=NAS-Reboot 

Acct-Input-Gigawords (52) 

Number of times the Acct-input-Octets counter has wrapped around. 

Acct-Output-Gigawords (53) 

Number of times the Acct-Output-Octets counter has wrapped around. 

NAS-Port-Type (61) 

19=Wireless-IEEE-802.11 

Message-Authenticator (80) 

Is always included in Access-Request, if present in Access-Accept, 
Access-Chaiienge or 

Access-reject chilli wili validate that the Message-Authenticator is 
correct. 
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Attribute 

Description 

Acct-Interim-Interval (85) 

If present in Access-Accept chilli will generate interim accounting 
records with the specified interval (seconds). 

MS-MPPE-Send-Key (311,16) 

Used for W PA 

MS-MPPE-Recv-Key (311,17) 

Used for W PA 


9.2.2 WISPr Attributes 


Attribute 

Description 

WISPr-Location-ID (14122,1) 

Location ID is set to the radiuslocationid option if present. 
Should be in the format: isocc=, 

cc^E. 164_Cou ntry_Code>, ac^ E. 164_Area_Code>, 
network<ssid/ZONE> 

WISPr-Location-Name (14122, 2) 

Location Name is set to the radiuslocationname option if 
present. Should be in the format:, 

WISPr-Logoff-URL(14122, 3) 

Included in Access-Request to notify the operator of the 
log off URL. Defaults to " http://uamlisten:uamport/logoff". 

WISPr-Redirection-URL (14122, 4) 

If present the client will be redirected to this URL once 
authenticated. 

This URL should include a link to WISPr-Logoff-URL in 
order to enable the client to log off. 

WISPr-Bandwidth-Max-Up (14122, 7) 

Maximum transmit rate (b/s). Limits the bandwidth of the 
connection. 

Note that this attribute is specified in bits per second. 

WISPr-Bandwidth-Max-Down (14122, 8) 

Maximum receive rate (b/s). Limits the bandwidth of the 
connection. 

Note that this attribute is specified in bits per second. 

WISPr-Session-Terminate-Time (14122, 9) 

The time when the user should be disconnected in ISO 
8601 format (YYYY-MM-DDThh:mm:ssTZD). 

If TZD is not specified local time is assumed. 

For example a disconnect on 18 December 2001 at 7:00 

PM UTC would be specified as 2001-12- 
18T19:00:00 -h00:00. 

9.2.3 ChilliSpot Attributes 

Attribute 

Description 

ChilliSpot-Max-Input-Octets (14559,1) 

Maximum number of octets the user is allowed to transmit. 
After this limit has been reached the user will be 
disconnected. 

ChilliSpot-Max-Output-Octets (14559, 2) 

Maximum number of octets the user is allowed to receive. 
After this limit has been reached the user will be 
disconnected. 

ChilliSpot-Max-Total-Octets (14559, 3) 

Maximum total octets the user is allowed to send or 
receive. 

After this limit has been reached the user will be 
disconnected. 

ChilliSpot-Bandwidth-Max-Up (14559, 4) 

Maximum bandwidth up 
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Attribute 

Description 

ChilliSpot-Bandwidth-Max-Down (14559, 5) 

Maximum bandwidth down 

ChilliSpot-Config (14559, 6) 

Configurations passed between chilli and back-end as 
name value pairs 

ChilliSpot-Lang (14559, 7) 

Language selected in user interface 

ChilliSpot-Version (14559, 8) 

Version of Chilli sending this AccessRequest 



